Andrew Dunstan <[EMAIL PROTECTED]> writes:
> Attached is a patch to the scanner and the COPY code that checks for 
> invalidly encoded data that can currently leak into our system via \ 
> escapes in quoted literals or text mode copy fields, as recently 
> discussed. That would still leave holes via chr(), convert() and 
> possibly other functions, but these two paths are the biggest holes that 
> need plugging.

The COPY code looks sane.  On the scan.l change, I believe two out of
three of those calls are useless, because we do not do backslash
processing in dollar-quoted strings nor in quoted identifiers.
Also, I'd kinda like to have the check-for-high-bit optimization in
scan.l too --- some people do throw big literals at the thing.

                        regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
       choose an index scan if your joining column's datatypes do not

Reply via email to